1. Copyright 2009 Trend Micro Inc.
DCS-ECCT – Cloud Architecture High Level Design
Jack Kuo/Alex Wang
05/27/2013
2. Agenda
Design Considerations
Design Guidelines
DC Cloud High Level Architecture
Global Cloud High Level Architecture
3. Design Considerations
Service Assurance
High Availability
Secure Tenant Segregation
Data Center Scalability through Modular Infrastructure
4. Service Assurance
Differentiated service requirements for different service types: Production (Critical), Development/Testing, and Staging.
Differentiated service levels are fulfilled with modular POD designs, with Tier 1 resources guaranteed in the critical POD while Tier 2 resources allow cost reduction.
A differentiated service profile is cost efficient in a private cloud environment.
5. High Availability
Infrastructure high availability through datacenter, availability zone, POD, cluster, and physical redundancy.
Infrastructure is ready for manual or automatic disaster recovery plans.
Public cloud can be an option for disaster recovery.
Bursting traffic can be served by public cloud to prevent over-provisioning in the private cloud.
6. Secure Tenant Segregation
Secure tenant segregation through segregation of network, compute and storage.
Segregate tenants/services with POD or availability zone deployments.
A cloud infrastructure component outage will not impact any service, or will only impact a single service.
Secure tenant segregation does not cover application dependency. For example, ERS can impact HES at the application level.
7. Datacenter Scalability through Modular Infrastructure
Elasticity can be achieved by scaling vertically inside a POD or horizontally across PODs, Availability Zones, and Datacenters.
A modular design unit, the POD, is the basic building block.
A POD contains its dedicated infrastructure network, compute nodes, and storage nodes, and can share VM networks within an availability zone.
PODs form availability zones, and availability zones form datacenters.
A POD can be migrated and repurposed.
8. Design Guidelines
Loosely Coupled, Stateless, and Fail-in-Place Computing
Horizontal Scaling
Parallelization
9. Loosely Coupled, Stateless, and Fail-in-Place Computing
The old paradigms of web services are even more important in cloud computing, as the Cloud is by nature very dynamic.
Application and infrastructure components need to be loosely coupled, stateless, and fail-in-place with no impact to service.
The same paradigms apply to cloud platform hardware: the hardware should be loosely coupled, stateless, and ready to fail with no or minimal impact.
Asynchronous tasks and a messaging system are the two keys to a Loosely Coupled Architecture.
10. Loosely Coupled, Stateless, and Fail-in-Place Computing
The cloud architecture is loosely coupled across management servers, compute nodes, storage nodes and DB nodes.
Management servers, compute nodes, and storage nodes are stateless. Transaction traffic can be served by any node in the Cloud.
All cloud components are designed to be hitless and ready to fail-in-place with no impact to the service.
Users submit asynchronous Cloud jobs, like create instance, with an instant response and good performance.
Background jobs run in each component to fulfill the user requests.
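The asynchronous job flow described on this slide, as an added model (not from the deck and not CloudStack code): the caller gets a job id at once, stateless workers pull jobs from a shared message queue, and a worker that dies while holding a job hands it back so another node finishes it. The `AsyncJobService` class, the worker names and the `crash_after` switch are all constructed for illustration.

```python
import queue
import uuid

# Constructed model, not CloudStack code: the caller submits a "create
# instance" job and gets a job id at once; stateless worker nodes pull jobs
# from a shared queue, so any node can serve any request, and a node that
# dies while holding a job simply hands it back for another node to finish.

class AsyncJobService:
    def __init__(self):
        self.jobs = queue.Queue()   # the messaging system between tiers
        self.status = {}            # job id -> state; the only shared state

    def submit(self, action, params):
        """Return immediately; the work happens in the background."""
        job_id = str(uuid.uuid4())
        self.status[job_id] = {"state": "pending", "action": action}
        self.jobs.put((job_id, action, params, 0))   # attempt counter = 0
        return job_id

    def run_worker(self, name, crash_after=None):
        """Stateless worker: drain the queue. crash_after simulates a node
        failing after that many completed jobs, while holding the next one."""
        completed = 0
        while True:
            try:
                job_id, action, params, attempt = self.jobs.get_nowait()
            except queue.Empty:
                return
            if crash_after is not None and completed >= crash_after:
                # Fail-in-place: re-queue the job; no other node is affected.
                self.jobs.put((job_id, action, params, attempt + 1))
                return
            result = {"instance": "i-" + job_id[:8], "worker": name,
                      "attempt": attempt, "template": params.get("template")}
            self.status[job_id] = {"state": "done", "result": result}
            completed += 1

    def poll(self, job_id):
        """What the user sees when checking on the job."""
        return self.status[job_id]


def provision_demo():
    """Three create-instance requests, two worker nodes, one node crash."""
    svc = AsyncJobService()
    ids = [svc.submit("createInstance", {"template": "centos6"}) for _ in range(3)]
    svc.run_worker("node-1", crash_after=1)   # finishes one job, dies on the next
    svc.run_worker("node-2")                  # picks up the rest, including the retry
    return [svc.poll(j) for j in ids]
```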
11. Horizontal Scaling
It is more challenging to scale up (physical limit) than to scale out (logical limit).
Cloud computing has its advantages in horizontal scaling.
The horizontal scaling capability is not limited to a single Cloud. It can be hybrid or even scale to a public Cloud.
Data physics (the time to move data/metadata across Clouds) needs to be considered when “surge computing” to a public Cloud. (Data replication to the public cloud before a disaster may introduce cost.)
12. Parallelization
Parallelization works hand in hand with Horizontal Scaling.
Parallelization cancels the impact of the failure rate of each component, increasing availability and performance.
Application client intelligence, load balancers, and global server load balancers are technologies to achieve parallelization.
Among the above three, application client intelligence has the lowest CAPEX and OPEX for service availability, so it is the most preferred way to implement Parallelization.
However, the most common and easy way to achieve parallelization is a hardware/software load balancer.
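Added example (not from the deck): the availability arithmetic behind "parallelization cancels the impact of the failure rate", applied to the redundancy layers the High Availability slide lists. The per-component availability figures and the POD shape (two L3 switches, eight computing nodes, four storage servers) are assumptions chosen to match the architecture diagram.

```python
from math import comb

# Constructed example, not from the deck: availability arithmetic for the
# redundancy layers the slides name (physical redundancy, cluster, POD,
# availability zone). Every per-component availability figure is an assumption.

def series(*avail):
    """Components that must all be up (a chain): availabilities multiply."""
    result = 1.0
    for a in avail:
        result *= a
    return result

def k_of_n(a, k, n):
    """At least k of n identical, independent components up. This is the
    parallelization case: with k=1 it is 1 - (1-a)^n, so the failure
    probability of one component is raised to the power n."""
    return sum(comb(n, i) * a ** i * (1 - a) ** (n - i) for i in range(k, n + 1))

def pod_availability(switch=0.995, node=0.99, storage=0.995):
    """One POD shaped like the architecture slide (assumed figures): two L3
    switches where either suffices, eight computing nodes of which six must
    stay up to carry the load, four storage servers of which three must."""
    return series(k_of_n(switch, 1, 2), k_of_n(node, 6, 8), k_of_n(storage, 3, 4))

def zone_availability(pods=4, **pod_figures):
    """PODs in parallel inside an availability zone: the service survives
    as long as at least one POD is up."""
    return k_of_n(pod_availability(**pod_figures), 1, pods)

def no_redundancy(switch=0.995, node=0.99, storage=0.995):
    """The same chain with a single instance of each component, for contrast."""
    return series(switch, node, storage)
```

Comparing `no_redundancy()` with `pod_availability()` and `zone_availability()` shows each layer of parallel components pushing the service availability closer to 1 even though every single component keeps its own failure rate.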
13. Core CloudStack Components
• Hosts
  • Servers onto which guest VM services will be provisioned
• Primary Storage
  • VM storage
• Cluster
  • A grouping of hosts and their associated storage
• Pod
  • Collection of clusters
• Network
  • Logical network associated with service offerings
• Secondary Storage
  • Template, snapshot and ISO storage
• Zone
  • Collection of pods, network offerings and secondary storage
• Management Server Farm (mgmts. + DBs)
  • Responsible for all management and provisioning tasks
Diagram: a Zone containing CloudStack Pods; each Pod holds Clusters of Hosts running VMs on Primary Storage; Network and Secondary Storage are attached at the Zone level.
14. DCS OpenCloud High Level Architecture
Diagram: Internet service users and Internal Cloud Admins/Customers reach the DCS GeVLAN through ISP border routers (BGP), the ISP distribution switch, redundant firewalls and redundant L4 switches. Availability Zone 1 through Availability Zone 4 each contain POD1 through POD4; a POD has redundant L3 switches, Computing Node 1 to Computing Node 8 grouped into Cluster1 and Cluster2, Storage Server 1 to Storage Server 4, Secondary Storage 1 to Secondary Storage 4, and a Management Server (with a Secondary Management Server in another POD) backed by a MySQL DB Cluster, hosting Service 1 to Service N.
15. CloudStack Regional Architecture
Management server deployment is required to have very low latency to the DB servers within the same region. It is recommended to deploy multiple separate management servers when crossing multiple regions.
The core components of a CloudStack implementation are:
Hosts – Hosts are servers from at least one of the supported virtualization providers. CloudStack fully supports hosts from multiple providers, but does not convert VM images from one hypervisor type to another. Depending on the hypervisor, a “host” may be a higher level concept. For example, in XenServer a CloudStack “host” is equivalent to a XenServer resource pool and the “host” entry is the pool master.
Primary Storage – Primary storage is the hypervisor level storage containing the deployed VM storage. Primary storage options will vary by hypervisor, and depending upon the hypervisor selected, CloudStack may impose requirements upon it.
Cluster – Host groups are combined into Clusters which contain the primary storage options for the Cluster. Primary storage isn’t shared outside of a Cluster. In the case of CloudStack, a Cluster in and of itself does not imply modification of any clustering concept within the hypervisor. For example, in XenServer a resource pool is a host to CloudStack, and CloudStack does not create a superset of Cluster functionality for XenServer.
Pod – Host groups are combined first into Clusters and then into Pods. For many customers, a pod represents a high level physical concept like a server rack.
Network – Network is the logical and physical network associated with service offerings. Multiple concurrent network service offerings and topologies can be supported within CloudStack.
Secondary Storage – Secondary storage is the storage system used for template and ISO management. It is also where snapshot events occur.
Zone – A zone is a collection of pods to form some level of service availability. While Amazon EC2 defines an availability zone as a data center, CloudStack keeps the concept more abstract, allowing cloud operators to have multiple availability zones within a given data center.
Management Server Farm – The CloudStack management server farm is a grouping of CentOS/RHEL CloudStack servers forming a web farm, with an underlying MySQL cluster database. The management server farm can manage multiple Zones, and can be virtualized.